         Multicast Considerations over IEEE 802 Wireless Media

Abstract

   Well-known issues with multicast have prevented the deployment of
   multicast in 802.11 (Wi-Fi) and other local-area wireless
   environments.  This document describes the known limitations of
   wireless (primarily 802.11) Layer 2 multicast.  Also described are
   certain multicast enhancement features that have been specified by
   the IETF and by IEEE 802 for wireless media, as well as some
   operational choices that can be made to improve the performance of
   the network.  Finally, some recommendations are provided about the
   usage and combination of these features and operational choices.

1.  Introduction

   Well-known issues with multicast have prevented the deployment of
   multicast in 802.11 [dot11] and other local-area wireless
   environments, as described in [mc-props] and [mc-prob-stmt].
   Performance issues have been observed when multicast packet
   transmissions of IETF protocols are used over IEEE 802 wireless
   media.  Even though enhancements for multicast transmissions have
   been designed at both IETF and IEEE 802, incompatibilities still
   exist between specifications, implementations, and configuration
   choices.

   Many IETF protocols depend on multicast/broadcast for delivery of
   control messages to multiple receivers.  Multicast allows data to be
   sent to multiple interested recipients without the source needing to
   send duplicate data to each recipient.  With broadcast traffic, data
   is sent to every device regardless of their expressed interest in the
   data.  Multicast is used for various purposes such as Neighbor
   Discovery, network flooding, and address resolution, as well as
   minimizing media occupancy for the transmission of data that is
   intended for multiple receivers.  In addition to protocol use of
   broadcast/multicast for control messages, more applications, such as
   Push To Talk in hospitals or video in enterprises, universities, and
   homes, are sending multicast IP to end-user devices, which are
   increasingly using Wi-Fi for their connectivity.

   IETF protocols typically rely on network protocol layering in order
   to reduce or eliminate any dependence of higher-level protocols on
   the specific nature of the MAC-layer protocols or the physical media.
   In the case of multicast transmissions, higher-level protocols have
   traditionally been designed as if transmitting a packet to an IP
   address had the same cost in interference and network media access,
   regardless of whether the destination IP address is a unicast address
   or a multicast or broadcast address.  This model was reasonable for
   networks where the physical medium was wired, like Ethernet.
   Unfortunately, for many wireless media, the costs to access the
   medium can be quite different.  Multicast over Wi-Fi has often been
   plagued by such poor performance that it is disallowed.  Some
   enhancements have been designed in IETF protocols that are assumed to
   work primarily over wireless media.  However, these enhancements are
   usually implemented in limited deployments and are not widespread on
   most wireless networks.

   IEEE 802 wireless protocols have been designed with certain features
   to support multicast traffic.  For instance, lower modulations are
   used to transmit multicast frames so that these can be received by
   all stations in the cell, regardless of the distance or path
   attenuation from the base station or Access Point (AP).  However,
   these lower modulation transmissions occupy the medium longer; they
   hamper efficient transmission of traffic using higher-order
   modulations to nearby stations.  For these and other reasons, IEEE
   802 Working Groups such as 802.11 have designed features to improve
   the performance of multicast transmissions at Layer 2 [ietf_802-11].
   In addition to protocol design features, certain operational and
   configuration enhancements can ameliorate the network performance
   issues created by multicast traffic, as described in Section 5.

   There seems to be general agreement that these problems will not be
   fixed anytime soon, primarily because it's expensive to do so and
   because of the unreliability of multicast.  Compared to unicast over
   Wi-Fi, multicast is often treated as somewhat of a second-class
   citizen even though there are many protocols using multicast.
   Something needs to be provided in order to make them more reliable.
   IPv6 Neighbor Discovery saturating the Wi-Fi link is only part of the
   problem.  Wi-Fi traffic classes may help.  This document is intended
   to help make the determination about what problems should be solved
   by the IETF and what problems should be solved by the IEEE (see
   Section 8).

   This document details various problems caused by multicast
   transmission over wireless networks, including high packet error
   rates, no acknowledgements, and low data rate.  It also explains some
   enhancements that have been designed at the IETF and IEEE 802.11 to
   ameliorate the effects of the radio medium on multicast traffic.
   Recommendations are also provided to implementors about how to use
   and combine these enhancements.  Some advice about the operational
   choices that can be made is also included.  It is likely that this
   document will also be considered relevant to designers of future IEEE
   wireless specifications.

2.  Terminology

   This document uses the following definitions:

   ACK
      The 802.11 Layer 2 acknowledgement.

   AES-CCMP
      AES-Counter Mode CBC-MAC Protocol

   AP
      IEEE 802.11 Access Point.

   Basic rate
      The slowest rate of all the connected devices at which multicast
      and broadcast traffic is generally transmitted.

   DVB-H
      Digital Video Broadcasting - Handheld

   DVB-IPDC
      Digital Video Broadcasting - Internet Protocol Datacasting

   DTIM
      Delivery Traffic Indication Map; an information element that
      advertises whether or not any associated stations have buffered
      multicast or broadcast frames.

   MCS
      Modulation and Coding Scheme.

   NOC
      Network Operations Center.

   PER
      Packet Error Rate.

   STA
      802.11 station (e.g., handheld device).

   TIM
      Traffic Indication Map; an information element that advertises
      whether or not any associated stations have buffered unicast
      frames.

   TKIP
      Temporal Key Integrity Protocol

   WiMAX
      Worldwide Interoperability for Microwave Access

   WPA
      Wi-Fi Protected Access

3.  Identified Multicast Issues

3.1.  Issues at Layer 2 and Below

   In this section, some of the issues related to the use of multicast
   transmissions over IEEE 802 wireless technologies are described.

3.1.1.  Multicast Reliability

   Multicast traffic is typically much less reliable than unicast
   traffic.  Since multicast is point-to-multipoint communication,
   multiple acknowledgements would be needed to guarantee reception at
   all recipients.  However, since there are no ACKs for multicast
   packets, it is not possible for the AP to know whether or not a
   retransmission is needed.  Even in the wired Internet, this
   characteristic often causes undesirably high error rates.  This has
   contributed to the relatively slow uptake of multicast applications
   even though the protocols have long been available.  The situation
   for wireless links is much worse and is quite sensitive to the
   presence of background traffic.  Consequently, there can be a high
   packet error rate (PER) due to lack of retransmission and because the
   sender never backs off.  PER is the ratio, in percent, of the number
   of packets not successfully received by the device to the number of
   packets sent to it.  It is not uncommon for there to be a packet loss
   rate of 5% or more, which is
   particularly troublesome for video and other environments where high
   data rates and high reliability are required.

3.1.2.  Lower and Variable Data Rate

   Multicast over wired differs from multicast over wireless because
   transmission over wired links often occurs at a fixed rate.  Wi-Fi,
   on the other hand, has a transmission rate that varies depending upon
   the STA's proximity to the AP.  The throughput of video flows and the
   capacity of the broader Wi-Fi network will change with device
   movement.  This impacts the ability for QoS solutions to effectively
   reserve bandwidth and provide admission control.

   For wireless stations authenticated and linked with an AP, the power
   necessary for good reception can vary from station to station.  For
   unicast, the goal is to minimize power requirements while maximizing
   the data rate to the destination.  For multicast, the goal is simply
   to maximize the number of receivers that will correctly receive the
   multicast packet; generally, the AP has to use a much lower data rate
   at a power level high enough for even the farthest station to receive
   the packet, for example, as briefly mentioned in Section 4 of
   [RFC5757].  Consequently, the data rate of a video stream, for
   instance, would be constrained by the environmental considerations of
   the least-reliable receiver associated with the AP.

   Because more robust modulation and coding schemes (MCSs) have a
   longer range but also a lower data rate, multicast/broadcast traffic
   is generally transmitted at the slowest rate of all the connected
   devices.  This is also known as the basic rate.  The amount of
   additional interference depends on the specific wireless technology.
   In fact, backward compatibility and multi-stream implementations mean
   that the maximum unicast rates are currently up to a few Gbps, so
   there can be more than 3 orders of magnitude difference in the
   transmission rate between multicast/broadcast versus optimal unicast
   forwarding.  Some techniques employed to increase spectral
   efficiency, such as spatial multiplexing in Multiple Input Multiple
   Output (MIMO) systems, are not available with more than one intended
   receiver; it is not the case that backwards compatibility is the only
   factor responsible for lower multicast transmission rates.

   Wired multicast also affects wireless LANs when the AP extends the
   wired segment; in that case, multicast/broadcast frames on the wired
   LAN side are copied to the Wireless Local Area Network (WLAN).  Since
   broadcast messages are transmitted at the most robust MCS, many large
   frames are sent at a slow rate over the air.

3.1.3.  Capacity and Impact on Interference

   Transmissions at a lower rate require longer occupancy of the
   wireless medium and thus take away from the airtime of other
   communications and degrade the overall capacity.  Furthermore,
   transmission at higher power, as is required to reach all multicast
   STAs associated with the AP, proportionately increases the area of
   interference with other consumers of the radio spectrum.

3.1.4.  Power-Save Effects on Multicast

   One of the characteristics of multicast transmission over Wi-Fi is
   that every station has to be configured to wake up to receive the
   multicast frame, even though the received packet may ultimately be
   discarded.  This process can have a large effect on the power
   consumption by the multicast receiver station.  For this reason,
   there are workarounds, such as Directed Multicast Service (DMS)
   described in Section 4, to prevent unnecessarily waking up stations.

   Multicast (and unicast) can work poorly with the power-save
   mechanisms defined in IEEE 802.11e for the following reasons.

   *  Clients may be unable to stay in sleep mode due to multicast
      control packets frequently waking them up.

   *  A unicast packet is delayed until an STA wakes up and requests it.
      Unicast traffic may also be delayed to improve power save and
      efficiency and to increase the probability of aggregation.

   *  Multicast traffic is delayed in a wireless network if any of the
      STAs in that network are power savers.  All STAs associated with
      the AP have to be awake at a known time to receive multicast
      traffic.

   *  Packets can also be discarded due to buffer limitations in the AP
      and non-AP STA.

3.2.  Issues at Layer 3 and Above

   This section identifies some representative IETF protocols and
   describes possible negative effects due to performance degradation
   when using multicast transmissions for control messages.  Common uses
   of multicast include:

   *  Control plane signaling

   *  Neighbor Discovery

   *  Address resolution

   *  Service Discovery

   *  Applications (video delivery, stock data, etc.)

   *  On-demand routing

   *  Backbone construction

   *  Other Layer 3 protocols (non-IP)

   User Datagram Protocol (UDP) is the most common transport-layer
   protocol for multicast applications.  By itself, UDP is not reliable
   -- messages may be lost or delivered out of order.

3.2.1.  IPv4 Issues

   The following list contains some representative discovery protocols
   that utilize broadcast/multicast and are used with IPv4.

   *  ARP [RFC0826]

   *  DHCP [RFC2131]

   *  Multicast DNS (mDNS) [RFC6762]

   *  Universal Plug and Play (uPnP) [RFC6970]

   After initial configuration, ARP (described in more detail later),
   DHCP, and uPnP occur much less commonly, but service discovery can
   occur at any time.  Some widely deployed service discovery protocols
   (e.g., for finding a printer) utilize mDNS (i.e., multicast), which
   is often dropped by operators.  Even if multicast snooping [RFC4541]
   (which provides the benefit of conserving bandwidth on those segments
   of the network where no node has expressed interest in receiving
   packets addressed to the group address) is utilized, many devices can
   register at once and cause serious network degradation.

3.2.2.  IPv6 Issues

   IPv6 makes extensive use of multicast, including the following:

   *  DHCPv6 [RFC8415]

   *  Protocol Independent Multicast (PIM) [RFC7761]

   *  IPv6 Neighbor Discovery Protocol (NDP) [RFC4861]

   *  Multicast DNS (mDNS) [RFC6762]

   *  Router Discovery [RFC4286]

   IPv6 NDP Neighbor Solicitation (NS) messages used in Duplicate
   Address Detection (DAD) and address lookup make use of link-scope
   multicast.  In contrast to IPv4, an IPv6 node will typically use
   multiple addresses and may change them often for privacy reasons.
   This intensifies the impact of multicast messages that are associated
   with the mobility of a node.  Router advertisement (RA) messages are
   also periodically multicast over the link.

   Neighbors may be considered lost if several consecutive Neighbor
   Discovery packets fail.

3.2.3.  MLD Issues

   Multicast Listener Discovery (MLD) [RFC4541] is used to identify
   members of a multicast group that are connected to the ports of a
   switch.  Forwarding multicast frames into a Wi-Fi-enabled area can
   use switch support for hardware forwarding state information.
   However, since IPv6 makes heavy use of multicast, each STA with an
   IPv6 address will require state on the switch for several and
   possibly many solicited-node multicast addresses.  A solicited-node
   multicast address is an IPv6 multicast address used by NDP to verify
   whether an IPv6 address is already used by the local link.  Multicast
   addresses that do not have forwarding state installed (perhaps due to
   hardware memory limitations on the switch) cause frames to be flooded
   on all ports of the switch.  Some switch vendors do not support MLD
   for link-scope multicast due to the increase it can cause in state.
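
   The state growth described above can be made concrete.  The Python
   sketch below is an added example, not part of the original document:
   it derives the solicited-node group and the matching Ethernet group
   address for every IPv6 address of a STA, then fills a switch table
   of assumed size.  The addresses, port numbers, and table size are
   constructed for illustration.

```python
import ipaddress

SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def solicited_node(addr):
    """Solicited-node group of a unicast address: ff02::1:ff + its low 24 bits."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)


def multicast_mac(group):
    """Ethernet group address of an IPv6 multicast address: 33:33 + low 32 bits."""
    low32 = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return ":".join(f"{b:02x}" for b in b"\x33\x33" + low32)


def install_state(stations, table_size):
    """Install one forwarding entry per solicited-node group until the
    (assumed) hardware table is full.

    stations   -- {switch port: [IPv6 addresses of the STA behind it]}
    table_size -- number of group entries the hardware can hold (assumption)
    Returns (table, flooded): table maps group MAC -> set of ports; flooded
    lists the groups left without state, which are flooded on all ports.
    """
    table, flooded = {}, []
    for port, addrs in stations.items():
        for addr in addrs:
            mac = multicast_mac(solicited_node(addr))
            if mac in table:
                table[mac].add(port)          # group already has state
            elif len(table) < table_size:
                table[mac] = {port}           # new entry fits
            elif mac not in flooded:
                flooded.append(mac)           # no room: frames get flooded
    return table, flooded


# Constructed sample: each STA has a link-local address, a global address
# with the same interface identifier, and two temporary (privacy) addresses.
STATIONS = {
    1: ["fe80::211:22ff:fe33:4401", "2001:db8::211:22ff:fe33:4401",
        "2001:db8::a1b2:c3d4:e5f6:711", "2001:db8::1c2d:3e4f:5a6b:722"],
    2: ["fe80::211:22ff:fe33:4402", "2001:db8::211:22ff:fe33:4402",
        "2001:db8::9f8e:7d6c:5b4a:3921", "2001:db8::dead:beef:1234:5678"],
    3: ["fe80::211:22ff:fe33:4403", "2001:db8::211:22ff:fe33:4403",
        "2001:db8::1111:2222:3333:4444", "2001:db8::aaaa:bbbb:cccc:dddd"],
}

if __name__ == "__main__":
    for size in (6, 64):
        table, flooded = install_state(STATIONS, size)
        print(f"table size {size}: {len(table)} entries, "
              f"{len(flooded)} groups flooded")
        for mac in flooded:
            print("  flooded:", mac)
```

   The link-local and global addresses of a STA share one group because
   they share their low 24 bits; every temporary address adds another.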

3.2.4.  Spurious Neighbor Discovery

   On the Internet, there is a "background radiation" of scanning
   traffic (people scanning for vulnerable machines) and backscatter
   (responses from spoofed traffic, etc.).  This means that routers very
   often receive packets destined for IPv4 addresses regardless of
   whether those IP addresses are in use.  In the cases where the IP is
   assigned to a host, the router broadcasts an ARP request, receives an
   ARP reply, and caches it; then, traffic can be delivered to the host.
   When the IP address is not in use, the router broadcasts one (or
   more) ARP requests and never gets a reply.  This means that it does
   not populate the ARP cache, and the next time there is traffic for
   that IP address, the router will rebroadcast the ARP requests.

   The rate of these ARP requests is proportional to the size of the
   subnets, the rate of scanning and backscatter, and how long the
   router keeps state on non-responding ARPs.  As it turns out, this
   rate is inversely proportional to how occupied the subnet is (valid
   ARPs end up in a cache, stopping the broadcasting; unused IPs never
   respond, and so cause more broadcasts).  Depending on the address
   space in use, the time of day, how occupied the subnet is, and other
   unknown factors, thousands of broadcasts per second have been
   observed.  Around 2,000 broadcasts per second have been observed at
   the IETF NOC during face-to-face meetings.
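
   The dependence on subnet occupancy and on how long the router keeps
   state can be checked with a small model.  The Python sketch below is
   an added example, not part of the original document.  Its sequential
   sweep of inbound packets, the subnet size, and the rates are
   constructed assumptions, and cache entries for answering hosts are
   assumed not to expire during the run.

```python
def arp_broadcasts(subnet_size, occupied, probes_per_sec, duration_s,
                   hold_s=0, retries=1):
    """Count the ARP requests a router broadcasts while inbound packets
    hit every address of the subnet in turn.

    subnet_size    -- number of addresses in the subnet
    occupied       -- set of address indexes (0..subnet_size-1) with a host
    probes_per_sec -- inbound packets per second (scanning and backscatter)
    duration_s     -- length of the run in seconds
    hold_s         -- how long the router remembers that an address did not
                      answer (0 = no state kept for non-responding ARPs)
    retries        -- ARP requests sent per unanswered resolution attempt
    Time is counted in probe ticks (1 tick = 1/probes_per_sec s) so that
    the expiry comparison stays exact.
    """
    hold_ticks = hold_s * probes_per_sec
    resolved = set()     # addresses with a valid ARP cache entry
    negative = {}        # unanswered address -> tick at which its state expires
    broadcasts = 0
    for tick in range(probes_per_sec * duration_s):
        addr = tick % subnet_size
        if addr in resolved:
            continue                      # cached: delivered without ARP
        if addr in occupied:
            broadcasts += 1               # one request, host replies
            resolved.add(addr)
            continue
        if addr in negative and tick < negative[addr]:
            continue                      # still remembered as unanswered
        broadcasts += retries             # nobody answers, nothing is cached
        negative[addr] = tick + hold_ticks
    return broadcasts


if __name__ == "__main__":
    SIZE, RATE, SECONDS = 1000, 2000, 10      # constructed sample values
    print("occupied  hold_s  broadcasts/s")
    for hosts in (100, 500, 900):
        for hold in (0, 5):
            n = arp_broadcasts(SIZE, set(range(hosts)), RATE, SECONDS, hold)
            print(f"{hosts:8d}  {hold:6d}  {n / SECONDS:12.1f}")
```

   In this model, a mostly empty subnet turns almost every inbound
   packet into a broadcast, while a few seconds of state for
   non-responding addresses cuts the count by roughly a factor of ten.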

   With Neighbor Discovery for IPv6 [RFC4861], nodes accomplish address
   resolution by multicasting a Neighbor Solicitation that asks the
   target node to return its link-layer address.  Neighbor Solicitation
   messages are multicast to the solicited-node multicast address of the
   target address.  The target returns its link-layer address in a
   unicast Neighbor Advertisement message.  A single request-response
   pair of packets is sufficient for both the initiator and the target
   to resolve each other's link-layer addresses; the initiator includes
   its link-layer address in the Neighbor Solicitation.

   On a wired network, there is not a huge difference between unicast,
   multicast, and broadcast traffic.  Due to hardware filtering (see,
   e.g., [Deri-2010]), inadvertently flooded traffic (or excessive
   Ethernet multicast) on wired networks can be quite a bit less costly
   compared to wireless cases where sleeping devices have to wake up to
   process packets.  Wired Ethernets tend to be switched networks,
   further reducing interference from multicast.  There is effectively
   no collision / scheduling problem except at extremely high port
   utilizations.

   This is not true in the wireless realm; wireless equipment is often
   unable to send high volumes of broadcast and multicast traffic,
   causing numerous broadcast and multicast packets to be dropped.
   Consequently, when a host connects, it is often not able to complete
   DHCP, and IPv6 RAs get dropped, leading to users being unable to use
   the network.

4.  Multicast Protocol Optimizations

   This section lists some optimizations that have been specified in
   IEEE 802 and IETF that are aimed at reducing or eliminating the
   issues discussed in Section 3.

4.1.  Proxy ARP in 802.11-2012

   The AP knows the Medium Access Control (MAC) address and IP address
   for all associated STAs.  In this way, the AP acts as the central
   "manager" for all the 802.11 STAs in its Basic Service Set (BSS).
   Proxy ARP is easy to implement at the AP and offers the following
   advantages:

   *  Reduced broadcast traffic (transmitted at low MCS) on the wireless
      medium.

   *  STA benefits from extended power save in sleep mode, as ARP
      requests for STA's IP address are handled instead by the AP.

   *  ARP frames are kept off the wireless medium.

   *  No changes are needed to STA implementation.

   Here is the specification language as described in clause 10.23.13 of
   [dot11-proxyarp]:

   |  When the AP supports Proxy ARP "[...] the AP shall maintain a
   |  Hardware Address to Internet Address mapping for each associated
   |  station, and shall update the mapping when the Internet Address of
   |  the associated station changes.  When the IPv4 address being
   |  resolved in the ARP request packet is used by a non-AP STA
   |  currently associated to the BSS, the proxy ARP service shall
   |  respond on behalf of the STA to an ARP request or an ARP Probe.
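
   The behavior quoted above can be sketched as follows.  This Python
   code is an added example, not part of the original document or of
   any AP implementation: it keeps the Hardware Address to Internet
   Address mapping per associated STA and answers ARP requests and ARP
   Probes from it.  The class and function names and the sample
   addresses are constructed; staying silent when a STA asks for its
   own address is an assumption of this sketch.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"        # Ethernet/IPv4 ARP payload, 28 bytes
ARP_REQUEST, ARP_REPLY = 1, 2


def mac(text):
    """'02:00:00:00:00:aa' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def build_arp(oper, sha, spa, tha, tpa):
    """Pack an ARP payload (hardware type Ethernet, protocol type IPv4)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       sha, socket.inet_aton(spa), tha, socket.inet_aton(tpa))


def parse_arp(payload):
    """Unpack an ARP payload; raises on anything but Ethernet/IPv4."""
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"oper": oper, "sha": sha, "spa": socket.inet_ntoa(spa),
            "tha": tha, "tpa": socket.inet_ntoa(tpa)}


class ProxyArp:
    """Per-BSS table of IPv4 address -> MAC of the associated STA."""

    def __init__(self):
        self.bindings = {}

    def associate(self, sta_mac, ip):
        # "shall update the mapping when the Internet Address ... changes":
        # drop any older binding of this STA before storing the new one.
        self.bindings = {i: m for i, m in self.bindings.items() if m != sta_mac}
        self.bindings[ip] = sta_mac

    def disassociate(self, sta_mac):
        self.bindings = {i: m for i, m in self.bindings.items() if m != sta_mac}

    def handle(self, payload):
        """Return the ARP reply to send to the requester, or None when the
        proxy service has nothing to answer."""
        try:
            req = parse_arp(payload)
        except (ValueError, struct.error):
            return None                   # truncated or non-IPv4 ARP
        if req["oper"] != ARP_REQUEST:
            return None
        owner = self.bindings.get(req["tpa"])
        if owner is None or owner == req["sha"]:
            # Target not associated, or the STA is asking about its own
            # address (assumption: answering would look like a conflict).
            return None
        # Reply on behalf of the STA.  An ARP Probe carries sender IP
        # 0.0.0.0, which is simply echoed back as the target address.
        return build_arp(ARP_REPLY, owner, req["tpa"], req["sha"], req["spa"])


if __name__ == "__main__":
    ap = ProxyArp()
    ap.associate(mac("02:00:00:00:00:aa"), "192.0.2.10")   # constructed STA
    request = build_arp(ARP_REQUEST, mac("02:00:00:00:00:01"), "192.0.2.1",
                        bytes(6), "192.0.2.10")
    print(parse_arp(ap.handle(request)))
```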

4.2.  IPv6 Address Registration and Proxy Neighbor Discovery

   As used in this section, a Low-Power Wireless Personal Area Network
   (6LoWPAN) denotes a Low-Power and Lossy Network (LLN) that supports
   6LoWPAN Header Compression (HC) [RFC6282].  A 6TiSCH network
   [RFC9030] is an example of a 6LoWPAN.  In order to control the use of
   IPv6 multicast over 6LoWPANs, the 6LoWPAN Neighbor Discovery (6LoWPAN
   ND) [RFC6775] standard defines an address registration mechanism that
   relies on a central registry to assess address uniqueness as a
   substitute to the inefficient DAD mechanism found in the mainstream
   IPv6 Neighbor Discovery Protocol (NDP) [RFC4861] [RFC4862].

   The 6lo Working Group has specified an update to [RFC6775].  Wireless
   devices can register their address to a Backbone Router [RFC8929],
   which proxies for the registered addresses with the IPv6 NDP running
   on a high-speed aggregating backbone.  The update also enables a
   proxy registration mechanism on behalf of the Registered Node, e.g.,
   by a 6LoWPAN router to which the mobile node is attached.

   The general idea behind the Backbone Router concept is that broadcast
   and multicast messaging should be tightly controlled in a variety of
   WLANs and Wireless Personal Area Networks (WPANs).  Connectivity to a
   particular link that provides the subnet should be left to Layer 3.
   The model for the Backbone Router operation is represented in
   Figure 1.

                 |
               +-----+
               |     | Gateway (default) router
               |     |
               +-----+
                  |
                  |      Backbone Link
            +--------------------+------------------+
            |                    |                  |
         +-----+             +-----+             +-----+
         |     | Backbone    |     | Backbone    |     | Backbone
         |     | router 1    |     | router 2    |     | router 3
         +-----+             +-----+             +-----+
            o                o   o  o              o o
        o o   o  o       o o   o  o  o         o  o  o  o o
       o  o o  o o       o   o  o  o  o        o  o  o o o
       o   o  o  o          o    o  o           o  o   o
         o   o o               o  o                 o o

           LLN 1              LLN 2                LLN 3

                Figure 1: Backbone Link and Backbone Routers

   LLN nodes can move freely from an LLN anchored at one IPv6 Backbone
   Router to an LLN anchored at another Backbone Router on the same
   backbone, keeping any of the IPv6 addresses they have configured.
   The Backbone Routers maintain a Binding Table of their Registered
   Nodes, which serves as a distributed database of all the LLN nodes.
   An extension to the Neighbor Discovery Protocol is introduced to
   exchange Binding Table information across the Backbone Link as needed
   for the operation of IPv6 Neighbor Discovery.

   [RFC6775] and follow-on work [RFC8505] address the needs of LLNs, and
   similar techniques are likely to be valuable on any type of link
   where sleeping devices are attached or where the use of broadcast and
   multicast operations should be limited.

4.3.  Buffering to Improve Battery Life

   Methods have been developed to help save battery life; for example, a
   device might not wake up when the AP receives a multicast packet.
   The AP acts on behalf of STAs in various ways.  To enable use of the
   power-saving feature for STAs in its BSS, the AP buffers frames for
   delivery to the STA at the time when the STA is scheduled for
   reception.  If an AP, for instance, expresses a Delivery Traffic
   Indication Message (DTIM) of 3, then the AP will send a multicast
   packet every 3 packets.  In fact, when any single wireless STA
   associated with an AP has 802.11 power-save mode enabled, the AP
   buffers all multicast frames and sends them only after the next DTIM
   beacon.

   In practice, most APs will send a multicast every 30 packets.  For
   unicast, the AP could send a Traffic Indication Message (TIM), but,
   for multicast, the AP sends a broadcast to everyone.  DTIM does power
   management, but STAs can choose whether to wake up and whether to
   drop the packet.  Unfortunately, without proper administrative
   control, such STAs may be unable to determine why their multicast
   operations do not work.

4.4.  Limiting Multicast Buffer Hardware Queue Depth

   The Content after Beacon (CAB) queue is used for beacon-triggered
   transmission of buffered multicast frames.  If lots of multicast
   frames were buffered and this queue fills up, it drowns out all
   regular traffic.  To limit the damage that buffered traffic can do,
   some drivers limit the amount of queued multicast data to a fraction
   of the beacon_interval.  An example of this is [CAB].

4.5.  IPv6 Support in 802.11-2012

   IPv6 uses NDP instead of ARP.  Every IPv6 node subscribes to a
   special multicast address for this purpose.

   Here is the specification language from clause 10.23.13 of
   [dot11-proxyarp]:

   |  When an IPv6 address is being resolved, the Proxy Neighbor
   |  Discovery service shall respond with a Neighbor Advertisement
   |  message [...] on behalf of an associated STA to an [ICMPv6]
   |  Neighbor Solicitation message [...].  When MAC address mappings
   |  change, the AP may send unsolicited Neighbor Advertisement
   |  Messages on behalf of a STA.

   NDP may be used to request additional information using the following
   methods, among others:

   *  Maximum Transmission Unit

   *  Router Solicitation

   *  Router Advertisement

   NDP messages are sent as group-addressed (broadcast) frames in
   802.11.  Using the proxy operation helps to keep NDP messages off the
   wireless medium.

4.6.  Using Unicast Instead of Multicast

   It is often possible to transmit multicast control and data messages
   by using unicast transmissions to each station individually.

4.6.1.  Overview

   In many situations, it's a good choice to use unicast instead of
   multicast over the Wi-Fi link.  This avoids most of the problems
   specific to multicast over Wi-Fi, since the individual frames are
   then acknowledged and buffered for power-save clients in the way that
   unicast traffic normally operates.

   This approach comes with the trade-off of sometimes sending the same
   packet multiple times over the Wi-Fi link.  However, in many cases,
   such as video into a residential home network, this can be a good
   trade-off since the Wi-Fi link may have enough capacity for the
   unicast traffic to be transmitted to each subscribed STA, even though
   multicast addressing may have been necessary for the upstream access
   network.

   Several technologies exist that can be used to arrange unicast
   transport over the Wi-Fi link, outlined in the subsections below.

4.6.2.  Layer 2 Conversion to Unicast

   It is often possible to transmit multicast control and data messages
   by using unicast transmissions to each station individually.

   Although there is not yet a standardized method of conversion, at
   least one widely available implementation exists in the Linux
   bridging code [bridge-mc-2-uc].  Other proprietary implementations
   are available from various vendors.  In general, these
   implementations perform a straightforward mapping for groups or
   channels, discovered by IGMP or MLD snooping, to the corresponding
   unicast MAC addresses.
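
   The mapping described above, together with the trade-off from
   Section 4.6.1, can be sketched as follows.  This Python code is an
   added example, not part of the original document and not the Linux
   bridge code.  It goes beyond the straightforward mapping by also
   comparing airtime, estimated as payload bits divided by the
   transmission rate; preambles, ACKs, and contention are ignored.  The
   class name, group addresses, MAC addresses, and rates are
   constructed.

```python
from dataclasses import dataclass, field


@dataclass
class SnoopingBridge:
    basic_rate_mbps: float                       # rate of group-addressed frames
    groups: dict = field(default_factory=dict)   # group -> {STA MAC: Mb/s}

    def join(self, group, sta_mac, rate_mbps):
        """Membership report snooped from a STA (IGMP or MLD)."""
        self.groups.setdefault(group, {})[sta_mac] = rate_mbps

    def leave(self, group, sta_mac):
        """Leave/Done snooped from a STA; forget empty groups."""
        members = self.groups.get(group, {})
        members.pop(sta_mac, None)
        if not members:
            self.groups.pop(group, None)

    @staticmethod
    def airtime_us(length, rate_mbps):
        """Payload airtime in microseconds: bits / (Mbit/s)."""
        return length * 8 / rate_mbps

    def plan(self, group, length):
        """Decide how a frame of `length` bytes for `group` goes on air.

        Returns the destinations of the frames to transmit and the airtime
        of both options, so the cost of converting can be compared."""
        members = self.groups.get(group)
        if not members:
            # No STA behind this port asked for the group.
            return {"mode": "filtered", "frames": [],
                    "multicast_us": 0.0, "unicast_us": 0.0}
        multicast_us = self.airtime_us(length, self.basic_rate_mbps)
        unicast_us = sum(self.airtime_us(length, r) for r in members.values())
        if unicast_us <= multicast_us:
            mode, frames = "unicast", list(members)   # one copy per member MAC
        else:
            mode, frames = "multicast", [group]       # single group-addressed frame
        return {"mode": mode, "frames": frames,
                "multicast_us": multicast_us, "unicast_us": unicast_us}


if __name__ == "__main__":
    bridge = SnoopingBridge(basic_rate_mbps=6)
    # Constructed sample: three nearby STAs watching one video group ...
    for sta, rate in (("02:00:00:00:00:01", 300),
                      ("02:00:00:00:00:02", 150),
                      ("02:00:00:00:00:03", 60)):
        bridge.join("239.1.1.1", sta, rate)
    # ... and four STAs at the cell edge, all limited to the basic rate.
    for n in range(4):
        bridge.join("239.2.2.2", f"02:00:00:00:01:0{n}", 6)
    for group in ("239.1.1.1", "239.2.2.2", "239.3.3.3"):
        print(group, bridge.plan(group, 1500))
```

   Conversion costs less airtime as long as the members can be reached
   at rates well above the basic rate; the acknowledgement and power-
   save benefits of unicast are not part of this estimate.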

4.6.3.  Directed Multicast Service (DMS)

   DMS enables an STA to request that the AP transmit multicast group-
   addressed frames destined to the requesting STAs as individually
   addressed frames (i.e., convert multicast to unicast).  Here are some
   characteristics of DMS:

   *  Requires 802.11n Aggregate MAC Service Data Units (A-MSDUs).

   *  Individually addressed frames are acknowledged and are buffered
      for power-save STAs.

   *  The requesting STA may specify traffic characteristics for DMS
      traffic.

   *  DMS was defined in IEEE Std 802.11v-2011 [v2011].

   *  DMS requires changes to both AP and STA implementation.

   DMS is not currently implemented in products.  See [Tramarin2017] and
   [Oliva2013] for more information.

4.6.4.  Automatic Multicast Tunneling (AMT)

   AMT [RFC7450] provides a method to tunnel multicast IP packets inside
   unicast IP packets over network links that only support unicast.
   When an operating system or application running on an STA has an AMT
   gateway capability integrated, it's possible to use unicast to
   traverse the Wi-Fi link by deploying an AMT relay in the non-Wi-Fi
   portion of the network connected to the AP.

   It is recommended that multicast-enabled networks deploying AMT
   relays for this purpose make the relays locally discoverable with the
   following methods, as described in [RFC8777]:

   *  DNS-based Service Discovery (DNS-SD) [RFC6763]

   *  The well-known IP addresses from Section 7 of [RFC7450]

   An AMT gateway that implements multiple standard discovery methods is
   more likely to discover the local multicast-capable network instead
   of forming a connection to a nonlocal AMT relay further upstream.

4.7.  GroupCast with Retries (GCR)

   GCR (defined in [dot11aa]) provides greater reliability by using
   either unsolicited retries or a block acknowledgement mechanism.  GCR
   increases the probability of broadcast frame reception success but
   still does not guarantee success.

   For the block acknowledgement mechanism, the AP transmits each group-
   addressed frame as a conventional group-addressed transmission.
   Retransmissions are group addressed but hidden from non-11aa STAs.  A
   directed block acknowledgement scheme is used to harvest reception
   status from receivers; retransmissions are based upon these
   responses.

   GCR is suitable for all group sizes including medium to large groups.
   As the number of devices in the group increases, GCR can send block
   acknowledgement requests to only a small subset of the group.  GCR
   does require changes to both AP and STA implementations.

   GCR may introduce unacceptable latency.  After sending a group of
   data frames to the group, the AP has to do the following:

   *  Unicast a Block Ack Request (BAR) to a subset of members.

   *  Wait for the corresponding Block Ack (BA).

   *  Retransmit any missed frames.

   *  Resume other operations that may have been delayed.

   This latency may not be acceptable for some traffic.

   There are ongoing extensions in 802.11 to improve GCR performance.

   *  BAR is sent using downlink Multi-User MIMO.

   *  BA is sent using uplink MU-MIMO (uplink MU-MIMO is an IEEE
      802.11ax-2021 feature).

   *  Latency may also be reduced by simultaneously receiving BA
      information from multiple STAs.

5.  Operational Optimizations

   This section lists some operational optimizations that can be
   implemented when deploying wireless IEEE 802 networks to mitigate
   some of the issues discussed in Section 3.

5.1.  Mitigating Problems from Spurious Neighbor Discovery

   ARP Sponges
         An ARP Sponge sits on a network and learns which IP addresses
         are actually in use.  It also listens for ARP requests, and, if
         it sees an ARP for an IP address that it believes is not used,
         it will reply with its own MAC address.  This means that the
         router now has an IP-to-MAC mapping, which it caches.  If that
         IP is later assigned to a machine (e.g., using DHCP), the ARP
         Sponge will see this and will stop replying for that address.
         Gratuitous ARPs (or the machine ARPing for its gateway) will
         replace the sponged address in the router ARP table.  This
         technique is quite effective; unfortunately, the ARP Sponge
         daemons were not really designed for this use (one of the most
         widely deployed ARP Sponges [arpsponge] was designed to deal
         with the disappearance of participants from an Internet
         Exchange Point (IXP)) and so are not optimized for this
         purpose.  One daemon is needed per subnet; the tuning is tricky
         (the scanning rate versus the population rate versus retries,
         etc.), and sometimes daemons just stop, requiring a restart,
         which causes disruption.

   Router mitigations
         Some routers (often those based on Linux) implement a "negative
         ARP cache" daemon.  If the router does not see a reply to an
         ARP, it can be configured to cache this information for some
         interval.  Unfortunately, the core routers in use often do not
         support this.  Instead, when a host connects to a network and
         gets an IP address, it will ARP for its default gateway (the
         router).  The router will update its cache with the IP to host
         MAC mapping learned from the request (passive ARP learning).

   Firewall unused space
         The distribution of users on wireless networks / subnets may
         change in various use cases, such as conference venues (e.g.,
         Service Set Identifiers (SSIDs) are renamed, some SSIDs lose
         favor, etc.).  This makes utilization for particular SSIDs
         difficult to predict ahead of time, but usage can be monitored
         as attendees use the different networks.  Configuring multiple
         DHCP pools per subnet and enabling them sequentially can create
         a large subnet from which only addresses in the lower portions
         are assigned.  Therefore, input IP access lists can be applied,
         which deny traffic to the upper, unused portions.  Then the
         router does not attempt to forward packets to the unused
         portions of the subnets and so does not ARP for them.  This
         method has proven to be very effective but is somewhat of a
         blunt axe, is fairly labor intensive, and requires
         coordination.

   Disabling/Filtering ARP requests
         In general, the router does not need to ARP for hosts; when a
         host connects, the router can learn the IP-to-MAC mapping from
         the ARP request sent by that host.  Consequently, it should be
         possible to disable and/or filter ARP requests from the router.
         Unfortunately, ARP is a very low-level/fundamental part of the
         IP stack and is often offloaded from the normal control plane.
         While many routers can filter Layer 2 traffic, this is usually
         implemented as an input filter and/or has limited ability to
         filter output broadcast traffic.  This means that the seemingly
         simple and obvious solution to "just disable ARP or filter it
         outbound" is made difficult or awkward in practice by
         implementations and/or architectural issues.

   NAT
         Broadcasts can often be caused by outside Wi-Fi scanning /
         backscatter traffic.  In order to reduce the impact of
         broadcasts, NAT can be used on the entire network (or a large
         portion of it).  This would eliminate NAT translation entries
         for unused addresses, and the router would never ARP for them.
         There are, however, many reasons to avoid using NAT in such a
         blanket fashion.

   Stateful firewalls
         Another obvious solution would be to put a stateful firewall
         between the wireless network and the Internet.  This firewall
         would block incoming traffic not associated with an outbound
         request.  But this conflicts with the need and desire of some
         organizations to have the network as open as possible and to
         honor the end-to-end principle.  An attendee on a meeting
         network should be an Internet host and should be able to
         receive unsolicited requests.  Unfortunately, keeping the
         network working and stable is the first priority, and a
         stateful firewall may be required in order to achieve this.
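
   The "Firewall unused space" procedure above, worked as an added
   Python example that is not part of the original document.  The
   subnet, the pool size, the lease counts, and the 80% headroom rule
   are constructed assumptions; pool capacity is counted as raw
   addresses.

```python
import ipaddress
import math

SUBNET, POOL_LEN = "10.64.0.0/20", 22  # constructed venue subnet, four /22 pools


def pool_plan(subnet, pool_prefixlen, enabled):
    """Return (active DHCP pools, minimal deny prefixes) with `enabled` pools on."""
    pools = list(ipaddress.ip_network(subnet).subnets(new_prefix=pool_prefixlen))
    if not 1 <= enabled <= len(pools):
        raise ValueError(f"enabled must be 1..{len(pools)}")
    # Pools are switched on from the bottom of the subnet upward, so everything
    # above the last active pool is unused and can be denied on router input.
    deny = list(ipaddress.collapse_addresses(pools[enabled:]))
    return pools[:enabled], deny


def pools_needed(leases, subnet, pool_prefixlen, headroom=0.8):
    """Pools to enable so monitored leases stay under `headroom` of capacity."""
    net = ipaddress.ip_network(subnet)
    per_pool = 2 ** (net.max_prefixlen - pool_prefixlen)
    total = 2 ** (pool_prefixlen - net.prefixlen)
    return min(total, max(1, math.ceil(leases / (per_pool * headroom))))


def dropped(dst, deny):
    """True if the input access list would drop a packet addressed to dst."""
    return any(ipaddress.ip_address(dst) in prefix for prefix in deny)


def walkthrough(lease_counts=(300, 900, 2500)):
    """Deny list as the (constructed) monitored lease count grows."""
    rows = []
    for leases in lease_counts:
        n = pools_needed(leases, SUBNET, POOL_LEN)
        deny = pool_plan(SUBNET, POOL_LEN, n)[1]
        rows.append((leases, n, [str(p) for p in deny]))
    return rows


if __name__ == "__main__":
    for leases, n, deny in walkthrough():
        print(f"{leases:5d} leases -> {n} pool(s) enabled, deny {deny or 'nothing'}")
```

   Each time a further pool is enabled, the deny list has to be
   regenerated and pushed to the router, which is the coordination cost
   noted above.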

5.2.  Mitigating Spurious Service Discovery Messages

   In networks that must support hundreds of STAs, operators have
   observed network degradation due to many devices simultaneously
   registering with mDNS.  In a network with many clients, it is
   recommended to ensure that mDNS packets designed to discover services
   in smaller home networks be constrained to avoid disrupting other
   traffic.

6.  Multicast Considerations for Other Wireless Media

   Many of the causes of performance degradation described in earlier
   sections are also observable for wireless media other than 802.11.

   For instance, problems with power save, excess media occupancy, and
   poor reliability will also affect 802.15.3 and 802.15.4.
   Unfortunately, 802.15 media specifications do not yet include
   mechanisms similar to those developed for 802.11.  In fact, the
   design philosophy for 802.15 is oriented towards minimality, with the
   result that many such functions are relegated to operation within
   higher-layer protocols.  This leads to a patchwork of non-
   interoperable and vendor-specific solutions.  See [uli] for
   additional discussion and a proposal for a task group to resolve
   similar issues, in which the multicast problems might be considered
   for mitigation.

   Similar considerations hold for most other wireless media.  A brief
   introduction is provided in [RFC5757] for the following:

   *  802.16 WiMAX

   *  3GPP/3GPP2

   *  DVB-H/DVB-IPDC

   *  TV Broadcast and Satellite Networks

7.  Recommendations

   This section provides some recommendations about the usage and
   combinations of some of the multicast enhancements described in
   Sections 4 and 5.

   Future protocol documents utilizing multicast signaling should be
   carefully scrutinized if the protocol is likely to be used over
   wireless media.

   The use of proxy methods should be encouraged to conserve network
   bandwidth and power utilization by low-power devices.  The device can
   send a unicast message to its proxy, and then the proxy can take care
   of any needed multicast operations.

   Multicast signaling for wireless devices should be done in a way that
   is compatible with low duty-cycle operation.

8.  Ongoing Discussion Items

   This section suggests two discussion items for further resolution.

   First, standards (and private) organizations should develop
   guidelines to help clarify when multicast packets would be better
   served by being sent wired rather than wireless.  For example,
   802.1ak [IEEE802.1ak] works on both Ethernet and Wi-Fi, and
   organizations could help with deployment decision making by
   developing guidelines for multicast over Wi-Fi, including options for
   when traffic should be sent wired.

   Second, reliable registration to Layer 2 multicast groups and a
   reliable multicast operation at Layer 2 might provide a good
   multicast over Wi-Fi solution.  There shouldn't be a need to support
   2^24 groups to get solicited node multicast working: it is possible
   to simply select a number of bits that make sense for a given network
   size to limit the number of unwanted deliveries to reasonable levels.
   The IEEE 802.1, 802.11, and 802.15 Working Groups should be
   encouraged to revisit Layer 2 multicast issues and provide workable
   solutions.
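
   The bit-selection argument above, carried through as an added Python
   example that is not part of the original document.  Keying a Layer 2
   group on only the low "bits" bits of the solicited-node suffix is an
   assumed reading of "select a number of bits"; the host population is
   constructed.

```python
import hashlib
import ipaddress
from collections import Counter

SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))


def solicited_node(addr):
    """RFC 4291: ff02::1:ff00:0/104 plus the low 24 bits of the address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_BASE | low24)


def ethernet_group(mcast):
    """RFC 2464: 33:33 followed by the low 32 bits of the multicast address."""
    low32 = (int(mcast) & 0xFFFFFFFF).to_bytes(4, "big")
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)


def l2_group(addr, bits):
    """Assumed reduced scheme: key the Layer 2 group on the low `bits` bits."""
    if not 0 <= bits <= 24:
        raise ValueError("bits must be 0..24")
    return int(solicited_node(addr)) & ((1 << bits) - 1)


def unwanted_per_solicit(hosts, bits):
    """Mean number of non-target hosts that receive one host's solicitation."""
    sizes = Counter(l2_group(h, bits) for h in hosts)
    return sum(n * (n - 1) for n in sizes.values()) / len(hosts)


def population(count, prefix="2001:db8:0:1::"):
    """Constructed hosts with hash-derived 64-bit interface identifiers."""
    base = int(ipaddress.IPv6Address(prefix))
    iids = (hashlib.sha256(b"sta%d" % i).digest()[:8] for i in range(count))
    return [str(ipaddress.IPv6Address(base | int.from_bytes(iid, "big")))
            for iid in iids]


if __name__ == "__main__":
    hosts = population(500)
    for bits in (0, 4, 8, 12, 24):
        mean = unwanted_per_solicit(hosts, bits)
        print(f"{bits:2d} bits -> {mean:7.2f} unwanted deliveries per solicit")
```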

9.  Security Considerations

   This document does not introduce or modify any security mechanisms.
   Multicast deployed on wired or wireless networks as discussed in this
   document can be made more secure in a variety of ways.  [RFC4601],
   for instance, specifies the use of IPsec to ensure authentication of
   the link-local messages in the Protocol Independent Multicast -
   Sparse Mode (PIM-SM) routing protocol.  [RFC5796] specifies
   mechanisms to authenticate the PIM-SM link-local messages using the
   IP security (IPsec) Encapsulating Security Payload (ESP) or
   (optionally) the Authentication Header (AH).

   When using mechanisms that convert multicast traffic to unicast
   traffic for traversing radio links, the AP (or other entity) is
   forced to explicitly track which subscribers care about certain
   multicast traffic.  This is generally a reasonable trade-off but does
   result in another entity that is tracking what entities subscribe to
   which multicast traffic.  While such information is already (by
   necessity) tracked elsewhere, this does present an expansion of the
   attack surface for that potentially privacy-sensitive information.

   As noted in [group_key], the unreliable nature of multicast
   transmission over wireless media can cause subtle problems with
   multicast group key management and updates.  [group_key] states that
   when TKIP (WPA, now deprecated) or AES-CCMP (WPA2/WPA3) encryption is
   in use, AP-to-client (FromDS) multicasts have to be encrypted with a
   separate encryption key that is known to all of the clients (this is
   called the Group Key).  Quoting further from that website, "... most
   clients are able to get connected and surf the web, check email, etc.
   even when FromDS multicasts are broken.  So a lot of people don't
   realize they have multicast problems on their network..."

   This document encourages the use of proxy methods to conserve network
   bandwidth and power utilization by low-power devices.  Such proxy
   methods in general have security considerations that require the
   proxy to be trusted to not misbehave.  One such proxy method listed
   is an ARP Sponge that listens for ARP requests, and, if it sees an
   ARP for an IP address that it believes is not used, it will reply
   with its own MAC address.  ARP poisoning and false advertising could
   potentially undermine (e.g., DoS) this and other proxy approaches.
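
   The ARP Sponge behavior described in Section 5.1 and in the paragraph
   above, replayed over constructed ARP frames as an added Python
   example; it is not the code of [arpsponge].  The sponge MAC, the
   addresses, and the three-request threshold are assumptions, and
   learned addresses are never aged out.

```python
from dataclasses import dataclass, field

SPONGE_MAC = "02:00:00:00:00:53"  # constructed, locally administered
THRESHOLD = 3  # assumption: requests seen for an IP before the sponge answers


@dataclass
class Sponge:
    alive: set = field(default_factory=set)      # IPs seen sourcing ARP traffic
    sponged: set = field(default_factory=set)    # IPs the sponge answers for
    pending: dict = field(default_factory=dict)  # IP -> requests seen so far

    def handle(self, op, sender_ip, sender_mac, target_ip):
        """Process one ARP frame; return (ip, mac) for a sponge reply, else None."""
        if sender_mac == SPONGE_MAC:
            return None  # never learn from our own replies
        if sender_ip != "0.0.0.0":  # an ARP probe carries no usable sender IP
            # ARP is unauthenticated: the sponge simply trusts sender_ip here.
            self.alive.add(sender_ip)
            self.sponged.discard(sender_ip)  # address now assigned: stop replying
            self.pending.pop(sender_ip, None)
        if op != "request" or target_ip == sender_ip:
            return None  # ARP reply or gratuitous ARP: nothing to answer
        if target_ip in self.alive:
            return None  # a real host owns it and answers for itself
        if target_ip not in self.sponged:
            self.pending[target_ip] = self.pending.get(target_ip, 0) + 1
            if self.pending[target_ip] < THRESHOLD:
                return None  # leave a real host time to answer first
            self.sponged.add(target_ip)
        return (target_ip, SPONGE_MAC)


ROUTER_IP, ROUTER_MAC = "192.0.2.1", "00:00:5e:00:53:01"
HOST_IP, HOST_MAC = "192.0.2.77", "00:00:5e:00:53:aa"
EVENTS = [  # constructed frames: (op, sender_ip, sender_mac, target_ip)
    ("request", ROUTER_IP, ROUTER_MAC, HOST_IP),  # unanswered
    ("request", ROUTER_IP, ROUTER_MAC, HOST_IP),  # unanswered
    ("request", ROUTER_IP, ROUTER_MAC, HOST_IP),  # threshold reached: sponged
    ("request", ROUTER_IP, ROUTER_MAC, HOST_IP),  # still sponged
    ("request", HOST_IP, HOST_MAC, ROUTER_IP),    # host joins, ARPs for gateway
    ("request", ROUTER_IP, ROUTER_MAC, HOST_IP),  # real host answers from now on
]


def replay(events):
    sponge = Sponge()  # fresh state for every replay
    return [sponge.handle(*e) for e in events], sponge
```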

10.  IANA Considerations

   This document has no IANA actions.